Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
File: AS42831.roa (raw, json)
Hash identifier: zNLbxPxTGngB36ixgKmP4pEY1iMUc1ypISBIcYDTYq0=
Subject key identifier: F6:72:A4:3D:F5:BC:E3:0E:98:B3:0F:C3:2E:32:C9:3F:DF:F0:4C:2D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 580BB6ED0C7E54931254CDE985D1C061044C7CEF
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
Signing time: Fri 31 Oct 2025 20:00:43 +0000
ROA not before: Fri 31 Oct 2025 19:55:43 +0000
ROA not after: Fri 30 Oct 2026 20:00:43 +0000
asID: 42831
IP address blocks: 146.103.28.0/24 maxlen: 24
150.241.132.0/24 maxlen: 24
150.241.133.0/24 maxlen: 24
150.241.134.0/24 maxlen: 24
150.241.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:0b:b6:ed:0c:7e:54:93:12:54:cd:e9:85:d1:c0:61:04:4c:7c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 31 19:55:43 2025 GMT
Not After : Oct 30 20:00:43 2026 GMT
Subject: CN=F672A43DF5BCE30E98B30FC32E32C93FDFF04C2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f1:91:74:b5:d4:ca:c6:25:07:58:c8:f2:82:
3c:22:88:1b:2f:36:5c:3e:1e:98:1e:d7:44:0a:45:
ba:ec:38:14:0a:d8:35:83:ce:b5:52:6e:7f:02:72:
fd:a0:23:88:1a:49:c5:43:9c:a7:19:a3:ef:90:27:
b6:8c:09:17:41:b1:da:db:ef:2b:e0:83:a0:0d:c7:
0a:97:08:96:cd:4a:4d:b0:98:8b:3e:4c:b9:73:4e:
02:c6:ca:3d:a7:1e:6b:07:59:51:33:65:4e:06:bf:
11:8f:81:fa:f4:2c:ef:4c:d9:16:c8:14:73:55:fb:
7d:1d:3c:38:fa:18:65:0c:2a:9f:92:9d:ac:0c:11:
80:8f:8b:32:17:87:b6:74:e3:37:e3:02:56:6d:25:
c3:35:7f:52:f0:4b:45:73:7b:17:12:db:c0:69:c8:
e8:3e:1e:f7:eb:27:47:54:3e:b4:b1:bb:5f:04:b7:
da:be:c7:93:56:37:96:6f:65:da:e4:38:6c:5a:52:
a7:74:73:62:fb:14:ec:07:3d:4f:b0:fe:5d:e6:ed:
39:89:9e:f3:01:ae:e1:2d:dd:43:1a:56:a8:39:64:
6d:ba:3b:94:8f:24:ed:db:31:ba:63:b8:e4:0e:5c:
91:2f:e4:6f:50:a1:48:6a:52:b5:b3:78:bf:e8:fb:
15:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:72:A4:3D:F5:BC:E3:0E:98:B3:0F:C3:2E:32:C9:3F:DF:F0:4C:2D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS42831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.28.0/24
150.241.132.0-150.241.134.255
150.241.144.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:17:fb:24:c4:be:f1:12:ae:28:3c:28:3f:c6:54:fd:69:eb:
b4:fb:e8:f7:b2:cd:df:43:cf:a4:f6:4f:f0:23:c2:28:b1:e2:
af:08:b5:13:5d:64:81:d4:37:65:ea:fc:64:00:f2:8f:37:b2:
d8:12:43:0a:e3:4b:51:2b:1a:b1:29:d2:8d:6c:26:df:95:6d:
4d:4f:48:e3:d1:96:67:50:c3:ff:78:6d:5d:c3:55:0b:be:37:
67:25:e1:d1:11:37:de:74:da:dc:cd:33:1b:d8:c0:a6:bc:5f:
f4:55:8e:80:3c:22:e2:d7:bc:f1:9e:23:bf:85:91:66:54:cc:
24:f2:ef:ac:38:f9:17:cb:f9:60:0c:55:c1:2a:1a:fe:9d:85:
cf:4f:c0:37:03:45:67:62:02:93:a8:d8:0e:7a:fa:0f:f1:c0:
ab:fb:e5:e6:bc:7b:2d:0d:dd:48:41:77:a2:74:1b:da:6a:e7:
a3:0f:00:42:38:64:f0:02:8a:30:a1:59:5e:4e:45:4e:e1:ef:
cd:91:d9:33:04:81:33:af:cf:68:71:7c:de:55:0d:29:38:45:
2e:ec:32:f7:ad:64:aa:fb:12:8b:eb:dd:22:f4:93:13:80:b2:
3f:98:d7:c4:ed:1d:97:33:d3:13:12:21:31:7c:16:31:8a:fd:
aa:bb:76:75
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUWAu27Qx+VJMSVM3phdHAYQRMfO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMzExOTU1NDNaFw0yNjEwMzAyMDAwNDNaMDMxMTAvBgNV
BAMTKEY2NzJBNDNERjVCQ0UzMEU5OEIzMEZDMzJFMzJDOTNGREZGMDRDMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm8ZF0tdTKxiUHWMjygjwiiBsv
Nlw+Hpge10QKRbrsOBQK2DWDzrVSbn8Ccv2gI4gaScVDnKcZo++QJ7aMCRdBsdrb
7yvgg6ANxwqXCJbNSk2wmIs+TLlzTgLGyj2nHmsHWVEzZU4GvxGPgfr0LO9M2RbI
FHNV+30dPDj6GGUMKp+SnawMEYCPizIXh7Z04zfjAlZtJcM1f1LwS0VzexcS28Bp
yOg+HvfrJ0dUPrSxu18Et9q+x5NWN5ZvZdrkOGxaUqd0c2L7FOwHPU+w/l3m7TmJ
nvMBruEt3UMaVqg5ZG26O5SPJO3bMbpjuOQOXJEv5G9QoUhqUrWzeL/o+xX/AgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQU9nKkPfW84w6Ysw/DLjLJP9/wTC0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDI4MzEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgABMBoDBACSZxww
DAMEApbxhAMEAJbxhgMEAJbxkDANBgkqhkiG9w0BAQsFAAOCAQEAOxf7JMS+8RKu
KDwoP8ZU/WnrtPvo97LN30PPpPZP8CPCKLHirwi1E11kgdQ3Zer8ZADyjzey2BJD
CuNLUSsasSnSjWwm35VtTU9I49GWZ1DD/3htXcNVC743ZyXh0RE33nTa3M0zG9jA
prxf9FWOgDwi4te88Z4jv4WRZlTMJPLvrDj5F8v5YAxVwSoa/p2Fz0/ANwNFZ2IC
k6jYDnr6D/HAq/vl5rx7LQ3dSEF3onQb2mrnow8AQjhk8AKKMKFZXk5FTuHvzZHZ
MwSBM6/PaHF83lUNKThFLuwy961kqvsSi+vdIvSTE4CyP5jXxO0dlzPTExIhMXwW
MYr9qrt2dQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:14:17 2025 by rpki-client